diff options
| author | Daniel P. Berrangé <berrange@redhat.com> | 2020-11-04 13:57:21 +0000 |
|---|---|---|
| committer | Daniel P. Berrangé <berrange@redhat.com> | 2021-01-29 17:07:53 +0000 |
| commit | 4d7beeab38e6d2d242bcf110532ff6a9b03bd53d (patch) | |
| tree | 0aea2f318aa514eb7a5f69b7cd728a8af80918fb | |
| parent | 166310299a1e7824bbff17e1f016659d18b4a559 (diff) | |
| download | qemu-4d7beeab38e6d2d242bcf110532ff6a9b03bd53d.zip qemu-4d7beeab38e6d2d242bcf110532ff6a9b03bd53d.tar.gz qemu-4d7beeab38e6d2d242bcf110532ff6a9b03bd53d.tar.bz2 | |
Prefer 'on' | 'off' over 'yes' | 'no' for bool options
Update some docs and test cases to use 'on' | 'off' as the preferred
value for bool options.
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
| -rw-r--r-- | docs/system/vnc-security.rst | 10 | ||||
| -rw-r--r-- | include/authz/listfile.h | 2 | ||||
| -rw-r--r-- | qemu-options.hx | 4 | ||||
| -rwxr-xr-x | tests/qemu-iotests/233 | 4 |
4 files changed, 10 insertions, 10 deletions
diff --git a/docs/system/vnc-security.rst b/docs/system/vnc-security.rst index 558e4fa..ebca656 100644 --- a/docs/system/vnc-security.rst +++ b/docs/system/vnc-security.rst @@ -65,7 +65,7 @@ encrypted session. .. parsed-literal:: |qemu_system| [...OPTIONS...] \ - -object tls-creds-x509,id=tls0,dir=/etc/pki/qemu,endpoint=server,verify-peer=no \ + -object tls-creds-x509,id=tls0,dir=/etc/pki/qemu,endpoint=server,verify-peer=off \ -vnc :1,tls-creds=tls0 -monitor stdio In the above example ``/etc/pki/qemu`` should contain at least three @@ -84,12 +84,12 @@ connecting. The server will request that the client provide a certificate, which it will then validate against the CA certificate. This is a good choice if deploying in an environment with a private internal certificate authority. It uses the same syntax as previously, -but with ``verify-peer`` set to ``yes`` instead. +but with ``verify-peer`` set to ``on`` instead. .. parsed-literal:: |qemu_system| [...OPTIONS...] \ - -object tls-creds-x509,id=tls0,dir=/etc/pki/qemu,endpoint=server,verify-peer=yes \ + -object tls-creds-x509,id=tls0,dir=/etc/pki/qemu,endpoint=server,verify-peer=on \ -vnc :1,tls-creds=tls0 -monitor stdio .. _vnc_005fsec_005fcertificate_005fpw: @@ -103,7 +103,7 @@ authentication to provide two layers of authentication for clients. .. parsed-literal:: |qemu_system| [...OPTIONS...] \ - -object tls-creds-x509,id=tls0,dir=/etc/pki/qemu,endpoint=server,verify-peer=yes \ + -object tls-creds-x509,id=tls0,dir=/etc/pki/qemu,endpoint=server,verify-peer=on \ -vnc :1,tls-creds=tls0,password -monitor stdio (qemu) change vnc password Password: ******** @@ -145,7 +145,7 @@ x509 options: .. parsed-literal:: |qemu_system| [...OPTIONS...] \ - -object tls-creds-x509,id=tls0,dir=/etc/pki/qemu,endpoint=server,verify-peer=yes \ + -object tls-creds-x509,id=tls0,dir=/etc/pki/qemu,endpoint=server,verify-peer=on \ -vnc :1,tls-creds=tls0,sasl -monitor stdio .. _vnc_005fsetup_005fsasl: diff --git a/include/authz/listfile.h b/include/authz/listfile.h index 0a1e5bd..0b7fe72 100644 --- a/include/authz/listfile.h +++ b/include/authz/listfile.h @@ -73,7 +73,7 @@ OBJECT_DECLARE_SIMPLE_TYPE(QAuthZListFile, * The object can be created on the command line using * * -object authz-list-file,id=authz0,\ - * filename=/etc/qemu/myvm-vnc.acl,refresh=yes + * filename=/etc/qemu/myvm-vnc.acl,refresh=on * */ struct QAuthZListFile { diff --git a/qemu-options.hx b/qemu-options.hx index 9172d51..d0410f0 100644 --- a/qemu-options.hx +++ b/qemu-options.hx @@ -5027,7 +5027,7 @@ SRST Note the use of quotes due to the x509 distinguished name containing whitespace, and escaping of ','. - ``-object authz-listfile,id=id,filename=path,refresh=yes|no`` + ``-object authz-listfile,id=id,filename=path,refresh=on|off`` Create an authorization object that will control access to network services. @@ -5072,7 +5072,7 @@ SRST # |qemu_system| \\ ... \\ - -object authz-simple,id=auth0,filename=/etc/qemu/vnc-sasl.acl,refresh=yes \\ + -object authz-simple,id=auth0,filename=/etc/qemu/vnc-sasl.acl,refresh=on \\ ... ``-object authz-pam,id=id,service=string`` diff --git a/tests/qemu-iotests/233 b/tests/qemu-iotests/233 index 7ce5764..da150cd 100755 --- a/tests/qemu-iotests/233 +++ b/tests/qemu-iotests/233 @@ -84,7 +84,7 @@ echo echo "== check plain client to TLS server fails ==" nbd_server_start_tcp_socket \ - --object tls-creds-x509,dir=${tls_dir}/server1,endpoint=server,id=tls0,verify-peer=yes \ + --object tls-creds-x509,dir=${tls_dir}/server1,endpoint=server,id=tls0,verify-peer=on \ --tls-creds tls0 \ -f $IMGFMT "$TEST_IMG" 2>> "$TEST_DIR/server.log" @@ -129,7 +129,7 @@ echo "== check TLS with authorization ==" nbd_server_stop nbd_server_start_tcp_socket \ - --object tls-creds-x509,dir=${tls_dir}/server1,endpoint=server,id=tls0,verify-peer=yes \ + --object tls-creds-x509,dir=${tls_dir}/server1,endpoint=server,id=tls0,verify-peer=on \ --object "authz-simple,id=authz0,identity=CN=localhost,, \ O=Cthulu Dark Lord Enterprises client1,,L=R'lyeh,,C=South Pacific" \ --tls-authz authz0 \ |